Revealed: RSA offered more than one NSA-designed security tool

A team of researchers has found that the American security firm RSA implemented two different encryption tools built by the National Security Agency, both of which were designed to be exploited easily for surveillance purposes.

According to Reuters, the revelation was made
by professors from multiple universities – including the
University of Wisconsin and the University of Illinois – and
indicates the NSA was able to infiltrate the company’s security
systems even more than previously believed.

Last year, Reuters also reported that RSA entered into a
clandestine deal with the NSA, in which it was given $10 million
in exchange for promoting the use of weak security systems and
encryption services. At the time, it was revealed that RSA made a
specific algorithm – Dual Elliptic Curve DRBG – the default
option in its BSAFE security toolkit.

The latest discovery by university researchers alleges that RSA
also implemented a second security tool, known as the “Extended
Random” extension. As noted by Reuters, this tool was not used
very often compared to others, but it “could help crack a version
of RSA's Dual Elliptic Curve software tens of thousands of times
faster” than others.

"Adding it doesn't seem to provide any security benefits that
we can figure out," Thomas Ristenpart, one of the
researchers at the University of Wisconsin, told the news
service.

When contacted about the new information, RSA did not deny the
allegation that it incorporated Extended Random into its
portfolio of security tools. It did state, however, that the tool
was removed sometime in the past six months, and that it has done
nothing to deliberately weaken its security software.

The company also did not comment on whether or not it was paid to
offer the tool as an option alongside other programs.

"We could have been more skeptical of NSA's intentions,"
RSA Chief Technologist Sam Curry said to Reuters. "We trusted
them because they are charged with security for the U.S.
government and U.S. critical infrastructure."

In December, RSA also released a statement denying it was hiding
its involvement with the NSA and denying that it entered into a
secret contract to make Dual EC the default algorithm, but
notably it did not push back against the claim that it accepted
money to do so.

As RT noted then, Microsoft researchers had exposed
several weaknesses in the code back in 2007, but RSA continued to
list Dual EC as the default choice for another five years. Only
after Edward Snowden leaked documents revealing the NSA’s
campaign to embed weak encryption services into security software
did the company remove the algorithm.

The situation also represents a notable shift for the company, which
established closer ties to the government after the 2001 World
Trade Center attacks, leaving it more susceptible to federal
influence. During the Clinton era, RSA successfully defended
against government attempts to embed chips in computers that
would have allowed the government to easily bypass encryption protections.